Follow

Subscribe to Nixhacker - The Reverser's Space

Get the latest posts delivered right to your inbox

Great! Check your inbox and click the link to confirm your subscription

Please enter a valid email address!
Log in Sign up

Rootkits

A rootkit is a clandestine computer program designed to provide continued privileged access to a computer while actively hiding its presence. In this part we will analysis rootkits hiding and exploiting techniques.

7 Articles

Hooking or Monitoring System calls in linux using ftrace

Rootkits 24 September 2021

Hooking or Monitoring System calls in linux using ftrace

In this post we will see how can you use ftrace to hook linux system calls. For learning purpose, we will create a kernel module that will make any target file immutable in system.

Remote debugging windows kernel driver(without symbols) using windbg

Reverse engineering 2 July 2021

Remote debugging windows kernel driver(without symbols) using windbg

In this post we are going to learn few tips and tricks to debug a Windows kernel driver without symbols in windbg.

Firmware security 3: Digging into System management mode (SMM)

Firmware 20 March 2021

Firmware security 3: Digging into System management mode (SMM)

In the third part of the series we are going to discuss System management mode (SMM) and it's security. Moreover, We will try to interact with the SMM from our linux system.

Firmware security 1: Playing with PCI device memory

Firmware 14 November 2020

Firmware security 1: Playing with PCI device memory

In this part of the series we will go through the basic of PCI devices and their memory. We will be developing linux kernel driver and using chipsec to analyze the data practically.

What's at 1st sector/MBR of hard disk(MBR Forensics)

Reverse engineering 22 November 2018

What's at 1st sector/MBR of hard disk(MBR Forensics)

MBR have lots of details about the hard disk or other storage disk which can be used for forensics purposes. In this article we will analyze the MBR's 512 bytes of data and try to interpret it.

Analyse default BIOS protection of your system against LoJax: UEFI rootkit

Firmware 28 September 2018

Analyse default BIOS protection of your system against LoJax: UEFI rootkit

LoJax is first rootkit in the wild that try to write a UEFI module into system's SPI Flash Memory. You can analyse your system's default BIOS/UEFI protection against such malware which we will discuss in this article.

Understanding Windows DKOM(Direct Kernel Object Manipulation) techniques(Part 1-EPROCESS)

Rootkits 13 June 2018

Understanding Windows DKOM(Direct Kernel Object Manipulation) techniques(Part 1-EPROCESS)

Windows uses different Objects structures for different purposes like io-management, process management etc. These structures are vulnerable to different attacks which we will going to discuss in this series.

No results found

↑ ↓ Navigate up/down

Enter Go to article

/ Search new term

Esc Close search

Success! Your account is fully activated, you now have access to all content.